msaad00/agent-bom

v0.50.0 Maintenance

This release keeps dependencies and maintenance posture current for teams operating this tool.

✓ No known CVEs patched

Topics

ai-agents ai-security ai-supply-chain aibom blast-radius cloud-security
compliance container-security cyclonedx security kubernetes llm-security mcp mcp-server owasp sarif sbom security-scanner supply-chain-security vulnerability-scanning

Summary

AI summary

Bump version to v0.50.0.

Full changelog

What's Changed

  • fix: add install metadata to SKILL.md for OpenClaw by @msaad00 in https://github.com/msaad00/agent-bom/pull/129
  • feat: runtime security intelligence + OCSF + instruction provenance (v0.39.0) by @msaad00 in https://github.com/msaad00/agent-bom/pull/130
  • feat: dynamic discovery engine + interactive dashboard (v0.40.0) by @msaad00 in https://github.com/msaad00/agent-bom/pull/131
  • feat: agent context graph + lateral movement analysis (v0.41.0) by @msaad00 in https://github.com/msaad00/agent-bom/pull/132
  • fix: enterprise security hardening — thread safety, SSRF, error sanitization, least privilege by @msaad00 in https://github.com/msaad00/agent-bom/pull/133
  • fix: README + diagram alignment — stale counts, missing features, workflow redesign by @msaad00 in https://github.com/msaad00/agent-bom/pull/134
  • feat: enterprise UI upgrade — component decomposition + responsive nav + graph DX by @msaad00 in https://github.com/msaad00/agent-bom/pull/135
  • feat: deps.dev integration — transitive deps + universal license enrichment by @msaad00 in https://github.com/msaad00/agent-bom/pull/136
  • feat: license scanning & compliance policy engine by @msaad00 in https://github.com/msaad00/agent-bom/pull/137
  • feat: VEX support — vulnerability exploitability exchange by @msaad00 in https://github.com/msaad00/agent-bom/pull/143
  • feat: toxic combination detection — Wiz-style chained risk by @msaad00 in https://github.com/msaad00/agent-bom/pull/139
  • feat: graph backend + scanner hardening + enterprise RBAC by @msaad00 in https://github.com/msaad00/agent-bom/pull/144
  • refactor: centralize shared constants (dedup 5x AI_PACKAGES, 5x severities, 3x patterns) by @msaad00 in https://github.com/msaad00/agent-bom/pull/145
  • feat: add NIST CSF, ISO 27001, SOC 2, CIS Controls v8 compliance mappings by @msaad00 in https://github.com/msaad00/agent-bom/pull/146
  • docs: architecture diagrams + NOTICE file + DCO by @msaad00 in https://github.com/msaad00/agent-bom/pull/147
  • ci: scheduled CVE refresh + container re-scan + pin freshness check by @msaad00 in https://github.com/msaad00/agent-bom/pull/148
  • feat: severity granularity + CIS platform note + NOTICE fix by @msaad00 in https://github.com/msaad00/agent-bom/pull/150
  • chore: bump version to v0.49.0 by @msaad00 in https://github.com/msaad00/agent-bom/pull/149
  • docs: restructure README for individual vs enterprise users by @msaad00 in https://github.com/msaad00/agent-bom/pull/151
  • fix: stale SVG counts, dependency CVE pins, publish version extraction by @msaad00 in https://github.com/msaad00/agent-bom/pull/152
  • ci: pin build tool versions in CI workflows by @msaad00 in https://github.com/msaad00/agent-bom/pull/153
  • docs: add scanner architecture diagram (7-stage pipeline) by @msaad00 in https://github.com/msaad00/agent-bom/pull/154
  • fix: resolve ajv ReDoS vulnerability in UI by @msaad00 in https://github.com/msaad00/agent-bom/pull/155
  • fix: simplify scanner architecture diagram by @msaad00 in https://github.com/msaad00/agent-bom/pull/157
  • ci: add SCORECARD_TOKEN for branch-protection check by @msaad00 in https://github.com/msaad00/agent-bom/pull/156
  • fix: clean scanner architecture diagram — remove overlapping lines by @msaad00 in https://github.com/msaad00/agent-bom/pull/158
  • feat: SAST scanning via Semgrep wrapper by @msaad00 in https://github.com/msaad00/agent-bom/pull/159
  • fix: Phase 1 hardening — deduplicate AI packages, configurable thresholds, word-boundary tool classification by @msaad00 in https://github.com/msaad00/agent-bom/pull/160
  • fix: Phase 2 hardening — config centralization, HMAC fix, inventory ingestion by @msaad00 in https://github.com/msaad00/agent-bom/pull/161
  • docs: align stale numbers — 16 tools, 2,700+ tests, add code_scan by @msaad00 in https://github.com/msaad00/agent-bom/pull/162
  • feat: NVD vulnerability status tracking + remediation source links by @msaad00 in https://github.com/msaad00/agent-bom/pull/163
  • fix: update Dockerfile.sse tool count from 14 to 16 by @msaad00 in https://github.com/msaad00/agent-bom/pull/164
  • feat: CVE-level compliance framework tagging for enterprise audit by @msaad00 in https://github.com/msaad00/agent-bom/pull/165
  • docs: update diagrams and README with recent features by @msaad00 in https://github.com/msaad00/agent-bom/pull/166
  • docs: visual-first README overhaul + PyPI description update by @msaad00 in https://github.com/msaad00/agent-bom/pull/167
  • feat: protect CLI command + K8s unit tests by @msaad00 in https://github.com/msaad00/agent-bom/pull/168
  • feat: Docker registry auth + multi-arch image scanning by @msaad00 in https://github.com/msaad00/agent-bom/pull/169
  • feat: K8s deploy manifests, Helm chart, Prometheus metrics by @msaad00 in https://github.com/msaad00/agent-bom/pull/170
  • docs: redesign README diagrams — clean minimal architecture by @msaad00 in https://github.com/msaad00/agent-bom/pull/171
  • chore: bump version 0.49.0 → 0.50.0 by @msaad00 in https://github.com/msaad00/agent-bom/pull/172
  • docs: comprehensive diagram redesign showing full capability scope by @msaad00 in https://github.com/msaad00/agent-bom/pull/173
  • docs: definitive diagram redesign — full depth + proprietary vs external by @msaad00 in https://github.com/msaad00/agent-bom/pull/174

Full Changelog: https://github.com/msaad00/agent-bom/compare/v0.38.1...v0.50.0

About msaad00/agent-bom

AI supply chain security scanner with 18 MCP tools. Auto-discovers 20 MCP clients, scans dependencies for CVEs (OSV/NVD/EPSS/CISA KEV), maps blast radius from vulnerabilities to exposed credentials and tools, runs CIS benchmarks, generates CycloneDX/SPDX SBOMs, and enforces compliance across OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, and EU AI Act.
